Phishing

(The University of Chicago - Maya Lim)

Phishing attacks are a kind of social engineering attack where the attacker generates a fraudulent email, text, or website to trick a victim into surrendering sensitive information - such as login credentials for work, passwords to online accounts, credit card info, etc. 

Phishing occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information. An attack can have devastating results. For individuals, this includes unauthorized purchases, the stealing of funds, or identify theft.

Of all the threats, phishing emails are among the gravest because they can trick an employee into giving up their legitimate access credentials, and then abuse those privileges to wreak havoc on your business’ systems. Plus, as time goes on, more attackers are using phishing strategies because of how cheap, effective, and easy they can be to pull off. It's a low-risk, high-reward strategy for cybercriminals that can they can use with only a minimal investment to time and effort.

Moreover, phishing is often used to gain a foothold in corporate or governmental networks as a part of a larger attack, such as an advanced persistent threat (APT) event. In this latter scenario, employees are compromised in order to bypass security perimeters, distribute malware inside a closed environment, or gain privileged access to secured data. 

An organization succumbing to such an attack typically sustains severe financial losses in addition to declining market share, reputation, and consumer trust. Depending on scope, a phishing attempt might escalate into a security incident from which a business will have a difficult time recovering.